Lucene search
+L

30 matches found

cvelist
cvelist
added 2024/11/04 12:0 a.m.32 views

CVE-2024-34885

Insufficiently protected credentials in SMTP server settings in 1C-Bitrix Bitrix24 23.300.100 allows remote administrators to read SMTP accounts passwords via HTTP GET request...

0.00424EPSS
Exploits1References1
cve
cve
added 2024/11/04 12:0 a.m.68 views

CVE-2024-34891

CVE-2024-34891 affects 1C-Bitrix Bitrix24 23.300.100. The Red Hat, NVD, CNNVD and CVE lists confirm a vulnerability from insufficiently protected credentials in the DAV server settings, enabling remote administrators to read Exchange account passwords via HTTP GET. The PT-2024-7262 report restate...

6.8CVSS6.6AI score0.0029EPSS
Exploits1References1Affected Software1
cve
cve
added 2024/11/04 12:0 a.m.71 views

CVE-2024-34885

The CVE-2024-34885 entry concerns Bitrix24 (1C-Bitrix Bitrix24) version 23.300.100, where credentials in SMTP server settings are insufficiently protected. The underlying issue allows remote administrators to read SMTP account passwords via an HTTP GET request. The vulnerability impacts confident...

6.8CVSS6.6AI score0.00424EPSS
Exploits1References1Affected Software1
cvelist
cvelist
added 2024/11/04 12:0 a.m.25 views

CVE-2024-34883

Insufficiently protected credentials in DAV server settings in 1C-Bitrix Bitrix24 23.300.100 allow remote administrators to read proxy-server accounts passwords via HTTP GET request...

0.00371EPSS
Exploits0References1
nvd
nvd
added 2023/01/20 3:15 p.m.23 views

CVE-2022-43959

Insufficiently Protected Credentials in the AD/LDAP server settings in 1C-Bitrix Bitrix24 through 22.200.200 allow remote administrators to discover an AD/LDAP administrative password by reading the source code of /bitrix/admin/ldapserveredit.php...

4.9CVSS5.4AI score0.01013EPSS
Exploits1References3
cve
cve
added 2023/01/20 12:0 a.m.98 views

CVE-2022-43959

The CVE-2022-43959 entry concerns 1C-Bitrix Bitrix24 (through version 22.200.200) with an issue in AD/LDAP server settings where credentials are insufficiently protected. The root cause is exposure of an AD/LDAP administrative password by reading the source code of /bitrix/admin/ldap_server_edit....

4.9CVSS5.4AI score0.01013EPSS
Exploits1References3Affected Software1
openbugbounty
openbugbounty
added 2016/08/30 1:3 p.m.14 views

partners.1c-bitrix.ru Open Redirect vulnerability

Open Bug Bounty ID: OBB-178905 Description| Value ---|--- Affected Website:| partners.1c-bitrix.ru Vulnerable Application:| Custom Code Vulnerability Type:| Open Redirect / CWE-601 CVSSv3 Score:| 3.4 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N Remediation Guide:| OWASP Open Redirect Cheat Sheet...

6.9AI score
Exploits0
openbugbounty
openbugbounty
added 2016/08/16 11:3 a.m.20 views

1c-bitrix.ru Open Redirect vulnerability

Open Bug Bounty ID: OBB-175847 Description| Value ---|--- Affected Website:| 1c-bitrix.ru Vulnerable Application:| Custom Code Vulnerability Type:| Open Redirect / CWE-601 CVSSv3 Score:| 3.4 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N Remediation Guide:| OWASP Open Redirect Cheat Sheet Vulnerabl...

6.9AI score
Exploits0
securityvulns
securityvulns
added 2009/09/28 12:0 a.m.127 views

[ONSEC-09-013] 1C Bitrix 8.0.5 Admin Console XSS

ONSEC-09-013 1C Bitrix 8.0.5 Admin Console XSS Цель: 1C Bitrix 8.0.5 Тип: Межсайтовый скриптинг Угроза: Средняя Дата обнаружения: 25.08.2009 Дата оповещения разработчика: 30.08.2009 Дата выхода исправления: 01.09.2009 Автор: Vladimir Vorontsov OnSec Russian Security Group onsec dot ru Описание:...

Exploits0
securityvulns
securityvulns
added 2009/09/28 12:0 a.m.143 views

[ONSEC-09-014] 1C Bitrix WAF multiple XSS

Цель: 1C Bitrix WAF =8.0.5 Тип: Межсайтовый скриптинг Угроза: Средняя Дата обнаружения: 29.08.2009 Дата оповещения разработчика: 29.08.2009 Дата выхода исправления: 01.09.2009 Автор: Vladimir Vorontsov OnSec Russian Security Group onsec dot ru Описание: Проактивный фильтр WAF системы управления...

Exploits0
Rows per page
Query Builder